System and method for facilitating electronic financial transactions using a mobile telecommunication device

ABSTRACT

A transaction processing system for processing a transaction between a supplier and a customer, said system comprising a supplier device for initiating the transaction, a system server and a mobile communication device, said device containing a message processing program module for enabling local verification of the transaction within the mobile device, wherein a transaction message is sent from the supplier device to the system server, a message requesting payment for the transaction is sent from the system server to the mobile communication device, the transaction is authorized and verified at the mobile telecommunications device from which a verification message is sent back to the system server, and the transaction is then processed.

TECHNICAL FIELD

The present invention relates to a system and method for facilitatingelectronic financial transactions. More particularly, one aspect of theinvention relates to a system and method for facilitating electronicfinancial transactions between a goods or services provider and aconsumer using a system server in communication with a supplier device,a mobile communication device and a transaction processing server.

The present invention also relates to a system and method for sendingservice suggestion messages to mobile communication devices. It alsorelates to a method of confirming the validity of a service suggestion.

BACKGROUND ART

A number of proposals have been made to enable electronic financialtransactions to be conducted using mobile phones. Some of these involvethe transmission of a customer's mobile telephone number over theinternet to a supplier's website. In such a system, the supplier's sitetransmits the telephone number, a supplier identifier and a relevantproduct reference to a management server which then contacts thecustomer by sending an SMS message to the mobile telephone number. Thecustomer then provides his or her consent to the transaction and mayprovide an identifying authentication. The management server then sendsa message to the supplier's site confirming the customer's consent andthe supplier may then arrange for delivery of the relevant product (eg,see PCT/FR00/03440). Such a system has a very low level of security and,therefore, users of such a system run a significant risk that messagestransmitted over the system (which may include confidential identifyingcriterion, such as a PUV) may be intercepted and used fraudulently.

Another system which has been developed is one in which the circuitry ofthe mobile telephone is programmed to incorporate the customer's bankaccount number and may contain “consistency information” of thecustomer's bankcard. Accordingly, the system functions by means of thebank account number (or bankcard number) being transmitted by the mobiletelephone for the purposes of effecting the financial transactions (eg.see PCT/FR99/01605). A problem with this system is that it also involvesa low level of security with the relevant bank account details beingtransmitted and subject to interception by unauthorised persons.

Another example is the system described in Australian Patent ApplicationNumber AU 200051840 entitled “System and process for remote payments andtransactions in real time by mobile telephone”. This system alsoprovides for the processing of payments and transactions betweenconsumers and service providers, by way of a mobile telephone network.However, this system has a number of disadvantages, namely:

-   -   1. The telecommunication and account management functions are        performed by the same server. In many countries, government        regulations prohibit telecommunication carriers from functioning        as financial institutions. In order for this system to work as        claimed, it has to perform both telecommunication and banking        functions.    -   2. Having the telecommunication and account management functions        performed by the same server compromises the security of the        system and renders the accounts of users more vulnerable to        being accessed by unauthorised persons than is the case if the        telecommunication and account management functions are performed        by (more secure) server which is separate from the        telecommunication server. This is a concern given that the        server contains confidential information of the customer (eg a        PIN).    -   3. The user's PIN (or “secret identification code”) is        transmitted over the wireless network from the user's mobile        phone to the main server. This provides the opportunity for        third parties to tap into the wireless transaction and learn the        user's PIN. They can then use the PIN to fraudulently conduct        further transactions.    -   4. The system is a simple browser-based system, with the        messages to and from the system server being sent over the        network as text messages (eg, SMS messages). The procedure for        verifying the user's identity is effected by a text message        being sent from the system server to the customer's mobile        telephone, requesting the customer to enter his or her personal        identification code (eg, PIN). The PIN is transmitted over the        network and the verification is conducted within the system        server. Again, this gives rise to a low level of security with        the danger that the PIN could be intercepted by an unauthorised        person.    -   5. The system is very network-dependent and, for it to work        effectively, a complex arrangement of data storage means and        checks need to be conducted to identify the type of mobile phone        of the user and then to determine the relevant network on which        the mobile phone operates.    -   6. The system involves a complicated and expensive arrangement        of verification means, databases, account management means,        confirmation messages and acceptances messages which interact in        a complex manner. This has the effect of slowing down the system        and increasing the likelihood of errors or failures occurring.

DEFINITIONS

Throughout this specification (unless the context requires otherwise),the terms:

“electronic financial transaction” and “electronic transaction” areintended to mean “non-cash (or non-cheque)” financial transactions andmay include transactions effected by electronic, electromagneticwireless, radio, telephonic (or other similar) means or by anycombination of these;

“comprise”, or variations such as “comprises” or “comprising”, will beunderstood to imply the inclusion of a stated element, integer or step,or group of elements, integers or steps, but not the exclusion of anyother element, integer or step, or group of elements, integers or steps;

“service provider” is intended to refer to any person or entity whichprovides goods and/or services; and

“service suggestion” is intended to refer to any suggestion, invitationor offer relating to the provision, sale or purchase of any goods orservices.

DESCRIPTION OF THE INVENTION

According to a first aspect of this invention, there is provided atransaction processing system for processing a transaction between asupplier and a customer, said system comprising:

-   -   (a) a supplier device for initiating a transaction between the        supplier and the customer, said supplier device including:        -   (i) supplier device data storage means for storing supplier            identifying indicia;        -   (ii) supplier device data receiving means for receiving            transaction data and customer-supplied customer identifying            indicia, said transaction data including the monetary amount            of the transaction;        -   (iii) supplier device message generation means for            generating a transaction message containing the supplier            identifying indicia, the transaction data and the customer            identifying indicia; and        -   (iv) supplier device telecommunication means for sending the            transaction message to a system server and for receiving            messages from the system server;    -   (b) the system server which includes:        -   (i) server data storage means for storing supplier            information and customer information;        -   (ii) server telecommunication means for sending and            receiving messages to and from the supplier device and a            mobile communication device of the customer;        -   (iii) server verification means:            -   for verifying that the supplier identifying indicia and                the customer identifying indicia in the transaction                message match corresponding indicia within the supplier                information and the customer information, respectively;                and            -   for issuing either a transaction proceed order or a                transaction terminate order based on result of said                verification;        -   (iv) server message generation means for generating either:            -   a transaction denied message following receipt of a                transaction terminate order; or            -   a transaction request message following receipt of a                transaction proceed order, said message containing, the                supplier identifying indicia, the transaction data, the                customer identifying indicia, and a unique transaction                identifier which is different for each transaction;            -   and for transmitting the transaction denied message or                the transaction request message to the server                telecommunication means for the sending of said message                to the mobile communication device;    -   (c) the mobile communication device of the customer, comprising:        -   (i) mobile device telecommunication means for receiving            messages from and sending messages to the system server;        -   (ii) a message processing program module comprising:            -   mobile device data storage means containing a customer                security criterion; and            -   transaction authorisation means adapted to extract the                transaction data and the supplier identifying indicia                contained in the transaction request message, received                by the mobile communication device, and to generate and                display, on a visual display screen of the mobile                communication device, a message containing the                transaction data, the supplier identifying indicia and a                request for the customer either to:                -   authorise the transaction, by making a first                    pre-determined entry in a keypad of the mobile                    device, said predetermined entry including a secret                    identification parameter of the customer, or                -   decline the transaction, by making a second                    pre-determined entry in the keypad;        -   (iii) verification message generation means adapted to:            -   receive an authorisation order generated by the first                pre-determined entry into the keypad;            -   following receipt of said authorisation order, verify                that the identification parameter matches the customer                security criterion in the mobile device data storage                means and, if they do match, generate a verification                message, said verification message containing contents                of the transaction request message; and            -   encrypt the verification message to generate a secure                verification message.        -   (iv) decline transaction message generation means adapted            to:            -   receive a decline order generated by the second                pre-determined entry into the keypad; and            -   generate a decline transaction message, following                receipt of said decline order; and        -   (v) message transfer means for transferring the secure            verification message, or the decline transaction message, to            the mobile device telecommunication means for sending to the            system server;    -   (d) a transaction processing server, in secure communication        with the system server, comprising:        -   (i) means for receiving the secure verification message;        -   (ii) means for decrypting the secure verification message;            and        -   (iii) processing means for: identifying a customer account            associated with the customer identifying indicia;            identifying a supplier account associated with the supplier            identifying indicia; arranging for said customer account to            be debited by the monetary amount of the transaction; and            arranging for said supplier account to be credited by said            monetary amount.

A particularly advantageous feature of the above system is the messageprocessing program module. This module enables the transaction to beverified locally by the customer on his or her mobile communicationdevice (eg a mobile phone). In this way, the secret identificationparameter (eg a personal identification number (PIN)) is not transmittedto the server. Accordingly, there is no possibility of the PIN beingintercepted in transit. Similarly, the server does not contain anyreference to the secret identification parameter and there is thereforeno prospect of the parameter being accessed or viewed on the server byan unauthorised person. The security of the above system is furtherenhanced by the encryption of the transaction verification message andby the digital signature which may optionally be attached to themessage.

The customer identifying indicia is a typically a mobile telephonenumber of said mobile communication device. However, alternatively, itcan be some other number or code which is recognisable by the systemserver as being the identifying number or code of the customer. When anumber or code is used, which is different from the mobile telephonenumber, the system server will need to locate the mobile telephone fromits data storage means (by reference to the provided number or code).The unique transaction identifier of the transaction request message istypically assigned by the system server.

The transaction data further may further include, in addition to themonetary amount of the transaction, one or more of the following: timeof the transaction; nature of the goods and/or services being purchased;monetary amount of particular goods and/or services of the transaction;and any discount or surcharge applied by the supplier.

The customer security criterion is typically a personal identificationnumber (PIN) of the customer.

The transaction message, the transaction request message and theverification message are preferably formed as mobile data messages,which, for example, may be selected from SMS messages, GPRS messages andUTMS messages.

The secure verification message, sent from the mobile communicationdevice to the system server, should be a non-text message and willpreferably comprise a binary data stream. The transaction message andthe transaction request message may also comprise binary data streams.This provides even further security to the system as, even if they areintercepted, they would not be able to be comprehended.

It is particularly preferred that the system server also includesdigital signature recognition means; and that the verification messagegeneration means is further adapted to create and attach to the secureverification message a digital signature which is adapted to berecognised by the recognition means. This adds a substantial furtherlevel of security to the transaction verification message.

The transaction authorising means of the program module may be furtheradapted to include, in the request within the message generated by saidauthorising means, a further option to enable the customer to indicatethat the monetary amount of the transaction is to be varied. Thisenables the customer to provide a tip or gratuity, for instance at arestaurant or café. This option is typically exercisable by a thirdpredetermined entry being made in the keypad. In this situation, thetransaction authorising means will typically be adapted, upon receipt ofthe third predetermined entry being made, to:

-   -   (a) generate a query message querying the amended monetary        amount to which the customer wants the monetary amount amended;    -   (b) receive said amended monetary amount input by the customer;        and    -   (c) amend the monetary amount of the transaction data to the        amended monetary amount.

As will be apparent, if the monetary amount is so amended then, in allsubsequent messages which contain the monetary amount, the amendedmonetary amount should be substituted for the monetary amount.

In one preferred embodiment, the message processing program module iscontained in a SIM card. Although this is convenient and advantageous,it is not essential as other means for incorporating the program moduleinto a mobile communication device can readily be contemplated.

In this system, it is generally desirable that each message haveattached thereto a transaction code representative of the relevantmessage. This enables the device which receives the message readily torecognise whether it is a message which it should be receiving for thepurpose of processing a financial transaction under this system.

Therefore, it is desirable that:

-   -   (a) the transaction message sent to the system server includes a        predetermined transaction message code (eg 001);    -   (b) the transaction request message sent to the mobile        communication device contains a predetermined request message        code (eg 002);    -   (c) the verification message sent to the system server contains        a predetermined verification message code (eg 003);    -   wherein said codes are recognisable by the receiving system        server or device and said receiving system server or device are        adapted to discontinue the transaction if the relevant message        does not contain its predetermined code.

In a preferred embodiment of this invention, the server data storagemeans of the system server further includes benefits informationconcerning the availability of benefits offered by system-subscribedsuppliers, and the system server further includes:

-   -   (a) checking means adapted to determine whether the server data        storage means contains any benefits information concerning any        benefits which are, or may be, available in respect of, or in        association with, the transaction;    -   (b) means for generating a benefit notification message if any        relevant benefit is located and for transmitting this        notification message to the server telecommunication means for        sending to the supplier device, said notification message        containing details of the located benefit and a request for the        supplier to verify or deny availability of the benefit.

In this embodiment of the invention, the supplier device would typicallyfurther include benefit processing means adapted to:

-   -   (a) receive and display the benefit notification message;    -   (b) receive a verification input or a denial input from the        supplier; and    -   (c) upon receipt of a verification input, revise the monetary        amount to a revised monetary amount to accommodate any discount        associated with said benefit and to send to the system server a        benefit confirmation message containing the revised monetary        amount; or    -   (d) upon receipt of a denial input, send a benefit denial        message to the system server.

As would be apparent, if the monetary amount is so revised, ascontemplated above, in all subsequent messages which contain themonetary amount, the revised monetary amount will be substituted for themonetary amount.

The above benefits may be discounts (including discount coupons),special deals (eg “2 for 1” deals), special offerings of products andservices or other similar offers.

In a further preferred embodiment, the server data storage means furtherincludes a transaction database adapted to capture desired details ofeach transaction. These desired transaction details include one or moreof the following:

-   -   (a) the transaction data;    -   (b) desired additional transaction data including some or all        of, date of transaction, amount of any discount provided; and        the goods or serves covered by the transaction; and    -   (c) customer identifying indicia, and supplier identifying        indicia.

The transaction processing server should be in secure communication witha financial institution server, said financial institution serveradapted to transfer funds, corresponding to the monetary amount, to thesupplier account and to record a corresponding debit in the customeraccount. Typically, the transaction processing server communicates withthe financial institution server via a payment gateway.

The transaction processing server may further include account recordmeans for keeping a record of the supplier account, the customer accountand all debits and credits associated with these accounts.

In the present system, it is further preferred that:

-   -   (a) the transaction processing server is adapted to send, upon        completion of the transaction, a transaction complete message to        the system server; and    -   (b) the system server is adapted to send said transaction        complete message to either or both of the supplier device and        the mobile communication device.

A beneficial feature of the above system is the relative simplicity ofthe system server and the message flow to and from this server.

According to a second aspect of this invention, there is provided amessage processing program module, for use in a mobile communicationdevice, which device forms part of the transaction processing systemdescribed above, said program module comprising:

-   -   (a) mobile device data storage means containing a customer        security criterion;    -   (b) message receiving means for receiving the transaction        request message from the system server;    -   (c) transaction authorisation means adapted to:        -   (i) extract transaction data and the supplier identifying            indicia contained in the transaction request message;        -   (ii) generate and display, on a visual display screen of the            mobile communication device, a text message containing the            transaction data, the supplier identifying indicia and a            request for the customer either to:            -   authorise the transaction, by making a first                pre-determined entry in a keypad of the mobile device,                said predetermined entry including a secret                identification parameter of the customer, or            -   decline the transaction, by making a second                pre-determined entry in the keypad;    -   (d) verification message generation means adapted to:        -   (i) receive an authorisation order generated by the first            pre-determined entry into the keypad;        -   (ii) following receipt of said authorisation order, verify            that the identification parameter matches the customer            security criterion in the mobile device data storage means            and, if they do match, generate a verification message, said            verification message containing contents of the transaction            request message; and        -   (iii) encrypt the verification message to generate a secure            verification message.    -   (e) decline message generation means adapted to:        -   (i) receive a decline order generated by the second            pre-determined entry into the keypad; and        -   (ii) generate and send a decline transaction message,            following receipt of said decline order; and    -   (f) message transfer means for transferring the secure        verification message or the decline message to the mobile device        telecommunication means for sending to the system server.

As noted above, this program module is a unique feature whichsubstantially improves the security of the abovementioned system.Incorporated in the program module is means for enablingself-verification by a user completely at the user's mobile device,without any message (containing the secret identification parameter)having to be sent from the mobile device to the system server. Theprogram module also provides for the verification message to beencrypted and (optionally) digitally signed which substantially improvesthe security of the system.

As is also noted above, the customer security criterion is preferably apersonal identification number (PIN) of the customer.

The security of the system is further enhanced by forming the secureverification message, sent from the mobile communication device to thesystem server, of a binary data stream.

As noted above, the message processing program module is preferably (butnot necessarily) contained in a SIM card.

In a third aspect of this invention, there is provided a method ofprocessing a transaction between a supplier and a customer, using atransaction processing system according to any one of claims x to y,said method comprising the following steps:

-   -   (a) within the supplier device:        -   (i) receiving transaction data and customer-supplied            customer identifying indicia;        -   (ii) generating a transaction message containing the            supplier identifying indicia (obtained from data storage            means within the supplier device), the transaction data and            the customer identifying indicia;        -   (iii) transmitting the transaction message to the supplier            device telecommunications means; and        -   (iv) sending the transaction message to the system server;    -   (b) within the system server:        -   (i) receiving the transaction message;        -   (ii) verifying that the supplier identifying indicia and the            customer identifying indicia in the transaction message            match corresponding indicia within the supplier information            and customer information (stored in data storage means            within the server);        -   (iii) issuing either a transaction proceed order or a            transaction terminate order based on result of said            verification;        -   (iv) transmitting the transaction proceed order or the            transaction terminate order to the server message generation            means;        -   (v) generating, within the server message generation means,            either:            -   a transaction denied message following receipt of a                transaction terminate order; or            -   a transaction request message following receipt of a                transaction proceed order, said message containing, the                supplier identifying indicia, the transaction data, the                customer identifying indicia, and a unique transaction                identifier which is different for each transaction;        -   (vi) transmitting the transaction denied message or the            transaction request message to the server telecommunications            means;        -   (vii) sending the transaction denied message to the supplier            device or sending the transaction request message to mobile            device telecommunication means of the customer;    -   (c) within the mobile communication device:        -   (i) receiving, within the telecommunication means of the            mobile device, the transaction request message;        -   (ii) transmitting the transaction request message to            receiving means within a message processing program module;        -   (iii) said module:            -   extracting transaction data and supplier data from the                transaction request message;            -   generating and displaying, on a visual display screen of                the mobile communication device, a message containing                the transaction data, the supplier identifying indicia                and a request for the customer either to:                -   authorise the transaction, by making a first                    pre-determined entry in a keypad of the mobile                    device, said predetermined entry including a secret                    identification parameter of the customer, or                -   decline the transaction, by making a                    second-predetermined entry in the keypad;            -   receiving an authorisation order generated by the first                pre-determined entry into the keypad;            -   following receipt of said authorisation order, verifying                that the identification parameter matches the customer                security criterion in the mobile device data storage                means and, if they do match, generating a verification                message, said verification message containing the                contents of the transaction request message;            -   encrypting the verification message to generate a secure                verification message;            -   transferring the secure verification message to the                mobile device telecommunication means;        -   (iv) sending the secure verification message to the system            server.

The above method will typically involve further standard steps,including forwarding the secure verification message onto thetransaction processing server. At the transaction processing server, thesecure message verification is decrypted. This decryption enables thetransaction processing server to identify a customer account associatedwith the customer identifying indicia and to identify a supplier accountassociated with the supplier identifying indicia. Typically, thetransaction processing server then arranges for said customer account tobe debited by the monetary amount of the transaction and for saidsupplier account to be credited by said monetary amount.

The abovementioned unique transaction identifier of the transactionrequest message is typically assigned by the system server. It isparticularly preferred that the transaction message, the transactionrequest message and the verification message are mobile data messages,which may be selected from SMS messages, GPRS messages and UTMSmessages.

In order to enhance the security of the above system and method, aself-designed test digital certificate may be issued on each of thesystem components. These certificates are then used to sign all messagescommunicating between the system components.

For example, each outgoing transmission may consist of a digitalsignature, the public key of the centre's digital certificate and anoctal representation of the XML content. The digital signature iscreated with the private key of the sender. The receiver will be able touse the public key to verify the signature.

The test certificates are typically installed in the personalcertificate store locally in each component. If one of the componentsruns multiple system components, then that component may containmultiple certificates.

In a further aspect of this invention, there is provided a transactionprocessing system, including:

(a) a supplier device for initiating a transaction between a customerand a service provider;

(b) a transaction processing server adapted to process said transaction;and

(c) a system server adapted to receive messages from, and forwardmessages to, the supplier device, the transaction processing server anda mobile communication device;

wherein:

-   -   (i) the supplier device is adapted so that, when initiating a        transaction, it forwards a transaction initiation message to the        system server; and    -   (ii) the system server is adapted so that:        -   after receiving said transaction initiation message, it            sends a first transaction authorisation request to the            mobile communication device,        -   it may receive a secured first transaction verification            message from the mobile communication device in response to            said authorisation request;        -   upon receipt of said secured first transaction verification            message, it sends a second transaction authorisation request            to the transaction processing server;        -   it receives a second transaction verification message from            the transaction processing server; and provided the second            transaction verification message satisfies predetermined            criteria, it sends a first transaction approval message to            said supplier device.

Preferably, the system server is further adapted to send a secondtransaction approval message to said mobile communication device if thesecond transaction verification message satisfies predeterminedcriteria.

In a still further aspect, the present invention provides a systemserver for facilitating an electronic financial transaction, said systemserver being adapted to communicate with a supplier device, a mobilecommunication device of a customer and a transaction processing server,wherein said system server is further adapted to:

-   -   (a) receive a transaction initiation message from a supplier        device, said message containing certain customer identifying        indicia;    -   (b) identify the customer by reference to customer identifying        indicia;    -   (c) send a first transaction authorisation request to the mobile        communication device of the identified customer in response to        receiving the transaction initiation message;    -   (d) receive a secured first transaction verification message        from the mobile communication device;    -   (e) send a second transaction authorisation request to the        transaction processing server;    -   (f) receive a second transaction verification message from the        transaction processing server; and    -   (g) send a first transaction approval message to said supplier        device if the second transaction verification message satisfies        predetermined approval criteria.

Preferably, the system server is further adapted to send a secondtransaction approval message to said mobile communication device if thesecond transaction verification message satisfies predetermined approvalcriteria.

In yet another aspect, the present invention provides a method offacilitating an electronic financial transaction using a system server,which is adapted to communicate with a supplier device, a mobilecommunication device and a transaction processing server, wherein thesystem server performs the steps of:

-   -   (a) receiving a transaction initiation message from the supplier        device;    -   (b) sending a first transaction authorisation request to the        mobile communication device in response to receiving the        transaction initiation message;    -   (c) receiving a secured first transaction verification message        from the mobile communication device;    -   (d) sending a second transaction authorisation request to the        transaction processing server;    -   (e) receiving a second transaction verification message from the        transaction processing server; and    -   (f) sending a first transaction approval message to said        supplier device if the second transaction verification message        satisfies predetermined approval criteria.

Preferably, the method further includes the step of sending a secondtransaction approval message to said mobile communication device if thesecond transaction verification message satisfies predeterminedcriteria.

Preferably, the supplier device has a display screen and the step ofdisplaying the transaction acceptance and rejection messages includesdisplaying those messages on the display screen.

Alternatively, the supplier device may be in communication with aprinter and the step of displaying the transaction acceptance andrejection messages includes displaying those messages by sending to theprinter a print command which corresponds to the messages.

Preferably, the mobile communication device is further adapted toreceive a transaction approval message from the system server, and todisplay the transaction approval message on the display screen.

Preferably, the mobile communication device is programmed to requireentry of a user's personal identification details (such as a PIN numberor password and a security key) before the secured transactionverification message is sent to the system server.

Preferably, the first transaction verification message will be digitallysecured using some customer identification data (such as a personalidentification (PIN), secret number, password or the like and a securitykey). The first transaction verification message preferably includes acustomer verification that the customer authorises the transaction toproceed.

The transaction approval message may simply be a positive indicationfrom the transaction processing server that the transaction may proceed.

Preferably, the mobile communication device is a mobile phone orcellular phone.

Any discussion of documents, acts, materials, devices, articles or thelike which has been included in the present specification is solely forthe purpose of providing a context for the present invention. It is notto be taken as an admission that any or all of these matters form partof the prior art base or were common general knowledge in the fieldrelevant to the present invention as it existed before the priority dateof each claim of this application.

BRIEF DESCRIPTION OF THE DRAWINGS

Preferred embodiments of the aspects of this invention will now bedescribed, by way of example only, with reference to the accompanyingdrawings in which:

FIG. 1 is a schematic flow diagram illustrating an embodiment of thesystem and the method of this invention;

FIG. 2 is a simplified flow diagram illustrating the processing of atransaction according to the invention;

FIG. 3 is a simplified flow diagram illustrating initial steps in themethod of the invention which occur at a supplier device (eg supplierpoint of sale);

FIG. 4 is a simplified flow diagram illustrating other steps in themethod of the invention which occur at the system server;

FIG. 5 is a simplified flow diagram illustrating later steps in themethod of the present invention which occur at a customer's mobiledevice (or mobile communication device); and

FIG. 6 is a simplified flow diagram illustrating further steps in themethod of the present invention which occur at the system server.

FIG. 7 is a schematic diagram of an embodiment of the system of presentinvention showing further detail of the components of the system server.

FIG. 8 is a transactional flow diagram illustrating an embodiment of thesystem and method of this invention.

FIG. 9 is a logic flow diagram showing transaction initiation steps ofan embodiment of the method of this invention.

FIG. 10 is a large flow diagram showing benefit notification steps of apreferred embodiment of the method of this invention.

FIG. 11 is a large flow diagram showing benefit confirmation steps of apreferred embodiment of the method of this invention.

FIG. 12 is a logic flow diagram of transaction request steps of anembodiment of the method of this invention.

FIG. 13 is a logic flow diagram of 3 steps associated with transmittingthe verification message to the transaction processing system in anembodiment of the method of this invention.

FIG. 14 is a logic flow diagram of transaction approval steps of anembodiment of the method of this invention.

FIGS. 15 a and 15 b constitute a menu flow diagram of transactionrequest steps associated with an embodiment of the method of thisinvention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

In a preferred embodiment, the present invention provides a system andprocess for facilitating electronic financial transactions between agoods and services provider and a consumer using a system server incommunication with a supplier device, a mobile communication device, asystem service and transaction processing server. The invention includesa system and method for conducting credit/debit payment services betweena goods/services provider (“supplier”) and a consumer (“customer”) usingwireless communication devices.

One version of the system and process is illustrated in the flow diagramof FIG. 1 which shows the steps involved in processing (or facilitating)a transaction according to the invention. The present invention allows acustomer of goods and services to initiate a credit/debit payment byproviding the supplier of goods and services with a pre-defined clientidentifier, such as a mobile telephone number, which is provided by athird party system operator.

As can be seen from FIGS. 1 and 2, an embodiment of the system of thisinvention includes a supplier device 1 (eg a supplier terminal); asystem server 2, a mobile communication device 3 of a customer, and atransaction processing server 4. The supplier device 1, the systemserver 2, the mobile communication device 3 and the transactionprocessing server 4 are adapted to communicate by means of messages. Thesystem server 2 and the transaction process server 4 are in wired (andsecured) communication. However, the system server 2, the mobilecommunication device 3, and the supplier device 1 are only in wirelesscommunication with each other and, accordingly, they communicate bymeans of mobile data messages.

In the process of this invention, once a transaction is initiatedbetween a customer and a supplier, the customer provides to the suppliercustomer identifying indicia (typically the mobile telephone number ofthe mobile communication device 3 (which is typically a mobiletelephone). For the system to operate, the customer and the suppliermust be subscribers to the system and their respective identifyingindicia must be recorded in the system server 2.

As depicted in FIG. 1 and FIG. 3, in order to process the transaction, atransaction message (a) is sent from the supplier device 1 (controlledby the supplier), to the system server 2. The transaction message (a)includes the customer identifying indicia and supplier identifyingindicia. The supplier identifying indicia is typically embedded in datastorage means of the supplier device 1 (or it could be enteredmanually).

As shown in FIG. 4, upon receipt of the transaction message (a) thesystems server conducts a preliminary verification to verify that thecustomer identifying indicia and the supplier identifying indicia arerecorded in data storage means within the system server 2. If either ofthese indicia are not recognised by the system server 2, the transactionwill not proceed further and a corresponding message may be sent back tothe supplier device 1.

The transaction message (a) may further include a transaction messagecode identifiable by the system server 2 so that if a purportedtransaction message is received by the system server 2 without atransaction message code, the system server 2 will not recognise themessage as having been sent by a subscriber to the system. In such asituation, the transaction will not proceed.

Following verification of the customer identifying indicia and thesupplier identifying indicia of the transaction message, the systemserver 2 may conduct a review of its database(s) to determine if thereis a record of an applicable coupon (eg a discount or promotionalcoupon) being redeemable with the supplier in respect of thetransaction. As shown in FIG. 1, if such a coupon is located, the systemserver 2 is adapted to generate and send a coupon notification message(b) to the supplier device 1. The supplier device 1 is programmed thento prompt the supplier to confirm or deny the availability of the couponand, if available, to send a coupon confirmation message (c) back to thesystem server 2. The coupon notification and confirmation procedure isentirely optional and will not apply in respect of all transactions orall suppliers linked to the system.

Following verification of the customer identifying indicia and thesupplier identifying indicia in the transaction message (and, whereapplicable, following receipt of the coupon confirmation message), thesystem server 2 is adapted to generate and send a transaction requestmessage (d) to the mobile communication device 3. The transactionrequest message (d) typically contains a unique transaction identifyingcode (applied by the system server 2), the customer identifying indicia,the supplier identifying indicia and transaction data. At the least, thetransaction data includes the amount payable under the transaction.Where a coupon has been confirmed as being available in respect of thetransaction, the transaction data will include the amount payable asaltered (eg reduced) by virtue of the coupon.

The mobile communication device 3 receives the transaction requestmessage and undertakes a self-verification process described furtherbelow.

Following verification that the customer wishes to proceed with thetransaction, the mobile communication device 3 generates a verificationmessage. This verification message contains contents of the transactionrequest message (d) but is encrypted to generate a secure verificationmessage (e) which is sent to the systems server 2. This secureverification message (e) may further include a digital signature,forming part of the message, for added security.

The secure verification message (e) may also include a verificationmessage code identifiable by the system server so that, if a purportedverification message is received by the system server 2 without theverification message code, the transaction will not proceed further.

Upon receipt of the secure verification message (d), the system server 2transmits it to the transaction processing server 4. The system server 2is in wired communication with the transaction processing server 4. Thetransaction processing server 4 is a secure server which containsdecrypting means adapted to decrypt the secure verification message (e).The server 4 is also adapted to identify (from the customer identifyingindicia and the supplier identifying indicia) the relevant accounts ofthe customer and the supplier and to arrange for processing of thefinancial transaction. This processing is typically effected inconjunction with a financial institution 6 which is in communicationwith the transaction processing means via a payment gateway 5.

In one embodiment of this invention, a system is developed to enable:

-   -   a third party system operator(s) (“Trusted Agent”) to provide        Personal Identification Number (“PIN”), Client Identifier        (“Client Identifier”), and Subscriber Identity Module card        Trusted Key (“Trusted Key”) to a customer    -   the Customer to initiate a credit/debit payment by providing the        Client Identifier    -   the Supplier to use the client identifier and the total invoiced        amount to request the Trusted Agent to activate a payment        request to the Customer's wireless communication device    -   the Trusted Agent to use the Client Identifier to retrieve        personal information of the Customer from the Trusted Agent's        server system    -   the Trusted Agent to use the personal information retrieved, the        information of the Supplier, and a unique transaction number        generated by the Trusted Agent server system (“Transaction        Number”), to compile a payment request and such request is send        to the Customer's wireless communication device through a        licensed spectrum or the Trusted Agent to send the personal        information retrieved, the information of the Supplier        (“Supplier Identity”), and a unique transaction number generated        by the Trusted Agent server system to the Customer's wireless        communication device through a licensed spectrum    -   the Customer's wireless communication device to display the        payment request or the Customer's wireless communication device        to use the Supplier Identity, Transaction Number, and the        Personal Information to compile a payment request and display        the payment request    -   the Customer to authorise a credit/debit payment in response to        the payment request by inputting the PIN via an input interface        of the Customer's mobile handset    -   the Customer to authenticate his/her identity in response to the        payment request by inputting the PIN via the input interface of        the Customer's mobile handset    -   the system in the Customer's mobile handset to compile a secured        data packet (or transaction verification message) based on        information such as the PIN and the Customer's Trusted Key. The        secured data packet maybe or may not be digitally signed    -   the Customer's mobile handset to send the secured data packet        back to the Trusted Agent via the wireless telecommunication        network operating through a licensed spectrum, and    -   the secured data packet to be used by the Trusted Agent (or        system server) such that the Customer's identity is        authenticated and a credit/debit payment is authorised, which        will result in the Customer paying the Supplier.

The method of the present invention involves four main steps, describedbelow with reference to FIGS. 3 to 6.

Step 1

FIG. 3 is a flow diagram illustrating the first main step in the methodof the present invention which occurs at a point of sale.

In this embodiment, the Supplier installs the Supplier Device (orsupplier device) at its point of sales. The Supplier Device communicateswith the Carrier's GSM network and it enables the Supplier to use theinvention. In this embodiment, the Supplier has a transactionaccount/supplier service agreement with a bank, the Customer is enabledwith the invention, and the Customer carries his/her wirelesscommunication device, in this embodiment, mobile handset, when he/shevisits the Supplier (“Mobile Handset”).

A number of steps occur at the point of sale:

-   -   1. Assume a Customer decides to buy an item at a shop, ie        Supplier, using the Invention. The Customer is now at the        counter waiting to pay for the item. The cashier operator        examine the item and present an invoice to the Customer    -   2. In this embodiment, the Supplier partners with the Bank and        the Carrier to exploit the Invention. The Supplier therefore        offers payment options such as Cash, Cheque, Debit Card, VISA,        Master, AMEX, Diners Club, JCB and others, as well as the        Invention. In alerting the Customer that the Invention is        available as one of the payment options, the Invention is added        to the list of payment modes that are accepted by the Supplier.        This can be in a form of logo/sticker placed around the cash        register    -   3. In this embodiment, the Customer chooses to settle the        invoice using the Invention    -   4. Through choosing to use the Invention, the cashier operator        asks for the Customer's Client Identifier, in this embodiment,        his/her mobile handset number    -   5. As shown in FIG. 3, the cashier operator types in the Client        Identifier and the amount payable by the Customer (“Amount        Payable”) into a communication device. In this embodiment, a GSM        device is provided to the Supplier (“Supplier GSM Device”) by        the Carrier that is capable of sending text messages via the        Short Messaging System (“SMS”). The Supplier GSM Device is        logged onto the Carrier's wireless telecommunication network        through a licensed spectrum, ie 900 MHz    -   6. The Supplier GSM Device sends the Customer's mobile handset        number and the Amount Payable as a request to the Carrier in a        form of SMS message using SMS. The SMS message is used to        activate a payment request to the Customer's wireless        communication device, which, in this embodiment, his/her mobile        handset        The request is transmitted from the Supplier GSM Device to a        base station within the GSM telecommunication network of the        Carrier using the 900 MHz-licensed spectrum.

Step 2

FIG. 4 is a flow diagram illustrating the second main step in the methodof the present invention which occurs at a telecommunication carrier (orsystem server).

In this embodiment, the Carrier's Short Messaging System Center (“SMSC”)is networked with its server system (“Server System”).

In one embodiment (and as shown in FIG. 7), the system server includestwo databases:—

A) Customer Database (or “M-Directory DB” as labelled in FIG. 7)—Thisdatabase contains relevant information about the Customers and thesuppliers.

The preferred fields are:—

-   -   Internal customer reference number (for both customers and        suppliers)    -   Customers' and Suppliers' name    -   ICCID, i.e. Customer ID or Supplier ID    -   Mobile handset number        B) Transactional Database—This database keeps an audit trail of        all transactions. The database records the messages related to        the transactions.

FIG. 5 illustrates a number of further sub-steps:

-   -   1. The Carrier's SMSC receives a SMS message from the Supplier        GSM Device, directing to a special number linking to the Server        System    -   2. The Carrier's SMSC routes the SMS message to the Server        System    -   3. The Server System receives the SMS message from the SMSC,        with an indicator, (such as Device Number), noting that the        message is sent from the Supplier GSM Device    -   4. The Server System reads the information contained in the SMS        message, ie. the amount payable and the mobile handset number        and stores it in its RAM    -   5. In this embodiment, the Server System uses the mobile handset        number to match the data-field within its database, and retrieve        information that is linked to the mobile handset number. In this        embodiment, the information retrieved includes a record of the        Customer, ie first name of the Customer, Mobile Handset Number        of the Customer    -   6. The Server System also uses the Device Number to match the        data-field within its database, and retrieve Supplier        information that is linked to the Device Number. In this        embodiment, the Supplier information retrieved includes name of        the Supplier, Supplier id.    -   7. In this embodiment, the Server System assigns a unique        transaction number (“Transaction Number”) using the Supplier        information, the Customer's information, the time and the Amount        Payable.    -   8. The Server System generates a payment request in a form of a        SMS message (“Payment Request”). This message contains        data-fields including first name of the Customer, name of        Supplier, Supplier id, Transaction Number and Amount Payable.    -   9. The Server System sends the Payment Request to the Mobile        Handset via the SMSC of the Carrier's GSM telecommunication        network using the 900 MHz-licensed spectrum.

Step 3

FIG. 5 is a flow diagram illustrating the third main step in the methodof the present invention which occurs at a user's mobile device (ormobile communication device).

-   -   1. Upon receiving the Payment Request, the Mobile Handset passes        the SMS message to the Client System, which reads the Payment        Request. The Client System then command the Mobile Handset to        display a text message on the output interface of the Mobile        Handset    -   2. In this embodiment, a text message is displayed on the screen        of the Mobile Handset immediately and automatically. The message        contains the Customer's first name, the Supplier name, the        Amount Payable, and a request to authorise a payment. The        Customer checks the text message and examines the details of the        Payment Request, ie Supplier name and the Amount Payable. The        Customer can choose to either terminate the transaction, ie        Amount Payable incorrect, or proceed with the transaction. In        this embodiment, the Customer decides to proceed with the        request and the Customer needs to press the “OK” button (or        similar activating button, icon or the like) located in the        input interface.    -   3. In this embodiment, the Client System receives the command        from the Customer to proceed with the request. The Client System        generates a text message to the mobile handset's screen,        prompting the Customer to enter his/her PIN. The text message        repeats the Amount Payable, and provides a notice to the        Customer that he/she is authorising the payment by entering the        PIN.    -   4. The Customer enters the PIN and presses (in this embodiment)        the “OK” button located in the input interface. This action        binds the customer to pay the Bank the Amount Payable, which the        Bank in turn settles the invoice with the Supplier on behalf of        the Customer. In this embodiment, the Client system creates a        secured data packet from the Transaction Number, Amount Payable        and the Supplier id. The secured data packet is digitally signed        by a digital signature created from the PIN and the Trusted Key.    -   5. In this embodiment, the Client System commands the Mobile        Handset to send the secured data packet back to the Server        System via the Carrier's wireless telecommunication network        operating through a licensed spectrum.

Step 4

FIG. 6 is a flow diagram illustrating the fourth main step in the methodof the present invention which occurs at a telecommunication carrier (orsystem server).

In this embodiment, the secured data packet is received by the Carrier'sbase station, which passes it on to its SMSC and then its Server System.The secured data packet is used such that the Customer's identity isauthenticated and a credit/debit payment is authorised, which results inthe Customer paying the Bank and the Bank paying the Supplier.

As shown in FIG. 7 the system server typically consists of 2 primarysoftware components (shown as “Gateway Receiver” and “Gateway Core”) andone or more databases. FIG. 7 shows 2 databases—one being a transactiondatabase (“Transation DB”) and the other is a customer database(“M-Directory DB”). The main purpose of the Transaction DB is tomaintain records in respect of transactions performed over the system.The databases work in conjunction with the Gateway Core in order tocarry out transaction logging and to capture itemised bill information.

The system server is typically built on top of a Message OrientedMiddleware (“MOM”), and Java Messaging Service (“JMS”) is generallyspecified as the API for accessing the MOM for the subject messagingsystem.

The invention will now be illustrated by reference to the followingexample:

EXAMPLE

FIGS. 9 to 14 are logic flow diagrams showing the flow of messageswithin the system of this invention. The steps shown in a hexagonalborder are performed within the Gateway Receiver and steps contained inrectangular borders are performed in the Gateway Core. The system serverreceives a request from the supplier device (“M Payment RequestInitialisation Tool”) to initiate a transaction. The message thenundergoes certain checks within the carrier server. A transactionidentifier (“MTransID”) is added to the message and the message can thenbe sent.

Alternatively (as shown in FIG. 9), before the message is sent, thesystem server can check on the availability of any benefits (eg coupons,product/service offerings and the like) being offered by the supplier.In order to do this, the system server checks its database records andif a particular benefit is found, then the processing steps areimplemented.

The benefit processing steps are shown in FIGS. 10 and 11. If a benefitis located, a message is sent from the system server to the supplierdevice seeking confirmation that the benefit is available. A supplierreply is then sent from the supplier device back to the system serverconfirming whether or not the benefit is available. If it is, the systemserver will include an indication to this effect in the transactionrequest message sent to the customer. The system server may need toalter the monetary amount of the transaction if, for example, a discountis provided by virtue of the benefit. The benefit need not always be adiscount. It may include other product or service offerings provided bythe supplier.

Following the benefit processing steps, or if no benefit was previouslylocated by the system server, the system server then sends a transactionrequest message to the customer's mobile phone requesting verificationof the transaction (see FIG. 12). The customer then, in conjunction withthe mobile phone verifies and authorises the transaction by virtue ofthe message processing program module contained in the mobile phone(typically in the SIM card). If the customer wishes to proceed with thetransaction, a secure verification message (which is typically encryptedand digitally signed) is sent back to the system server. Theverification message then undergoes certain minor steps (includingchecking of the transaction identifier and the message code) and theverification message is then sent to the transaction processing server(“MSS”) (see FIG. 13).

As shown in FIG. 14, if the transaction is approved by the relevantfinancial institution, the transaction processing server is notified ofthis and sends a corresponding message to the system server. The systemserver then passes on such a confirmation message to the supplier deviceand to the customer's mobile phone. The transaction is then completed.

The data flow of the referred embodiment of this invention (exemplifiedabove) can be summarised as follows:

-   -   1) Merchant initiates and sends a formatted ‘Merchant Payment        Request Message’ to M Gateway.        -   The Merchant Payment Request Message (TransCode=001) data            string:            TransCode;DeviceID;MerchantID;Merchant            Name;CustNum;BillNum;AmountRequest;Items->M Gateway    -   2) M Gateway checks coupon database for coupon availability for        particular purchase.        -   If no coupon is available, proceed to step 4.        -   If coupon is available, send ‘Coupon Notification Message’            to merchant's M Device.        -   The Coupon Notification Message (TransCode=010) data string:            TransCode;MtransID;CustNum;Billnum;CouponNum;            Coupon;CouponExpiry;    -   3) ‘Coupon Confirmation Message’ returns from merchant's M        Device with the new amount.        -   The Coupon Confirmation Message (TransCode=011) data string:            TransCode;MtransID;MerchantID;BillNum;CouponNum;            AmountRequest    -   4) M Gateway transforms the ‘Merchant Payment Request Message’        to a ‘Customer Payment Request Message’ and routes it to        customer's mobile handset via SMS.        -   The Customer Payment Request Message (TransCode=002) data            string:            TransCode;MtransID;MerchantID; BillNum;            AmountRequest;[<MerchantName> requests payment of <Amount>.            u accept?->Customer Mob    -   5) Customer replies the ‘Customer Payment Request Message’ by        keying in the PIN to authorise the transaction. A digitally        signed Customer Authorisation Message will be sent to M Gateway.        -   The Customer Authorisation Message (TransCode=003) data            string:            TransCode;MtransID;[MerchantID;CustAccountNo;BillNum;amount];SIGNATURE            -> M Gateway    -   6) When M Gateway receives ‘Customer Authorisation Message’, it        identifies the TransCode and the MtransID and transfers the        secure data packet to the MSS as a ‘Transaction Order’.        -   MSS decrypts the digitally signed customer authorisation            data packet and generates a ‘Bank Approval Request’. This            Bank Approval Request is then sent to the bank's payment            system.        -   The Transaction Order (TransCode=004) data string:            TransCode;MtransID;CustNum;[MerchantID;CustAccountNo;BillNum;amount];SIGNATURE            -> MSS    -   7) MSS sends a ‘Payment Receipt Message’ to M Gateway when the        bank's payment system has acknowledged the transaction order,        verified the transaction detail and approved the transaction.        -   The Payment Receipt Message (TransCode=005) data string:            TransCode;MtransID;CustNum;[ApprovalCode;CTransRefNum];MerchantID;[ApprovalCode;MTransRefNum;CTrans]Num]->            M Gateway    -   8) M Gateway transforms the ‘Payment Receipt Message’ and sends        it to the customer's mobile handset via SMS.        -   The Payment Receipt Message (TransCode=006) data string (for            customer):            TransCode;MtransID;[ApprovalCode;CTransRefNum]->Customer mob    -   9) M Gateway transforms the ‘Payment Receipt Message’ and sends        it to the merchant via SMS or IP connections.        -   The Payment Receipt Message (TransCode=007) data string (for            merchant):            TransCode;MtansID;[ApprovalCode;MTransRefNum;CTransRefNum]->            M-Device            Itemised Bill Information Data Flow    -   When itemised bill information is made available from M Device's        bill capture, M Device sends the sales items text string to M        Gateway.        -   The Itemised Bill Information (TransCode=009) data string:            TransCode;MerchantID;BillNum;Items            SMS Coupon Data Flow    -   When a Coupon is make available by Project M's targeted        life-style suggestion programme, M Gateway generates a SMS        Coupon and sends it to the customer's mobile handset via SMS.        -   The SMS Coupon message (TransCode=012) data string (for            merchant):            TransCode;MobileNum;CustNum;CouponNum;[<MerchantName> offers            you <Coupon> until <CouponExpiry YY-MMM-DD, HH:MM>

It will be appreciated from the foregoing discussion that the presentinvention has a number of advantages over prior art payment systems andmethods. These include:

-   -   1. Real-time direct customer approval—the invention changes the        fundamental authentication mechanism by adopting wireless        communication network to facilitate real time personal approval        and authorisation capability. The invention is designed to        improve the mechanism through:        -   The use of a mobile device, such as a mobile phone, in the            authentication process, which is carried out by the phone            user, provides a comprehensive authentication process. This            minimises the possibility of fraud, such as magnetic strip            reproduction and card cloning which has been a major problem            in respect of credit cards.        -   The customer carries out the authorisation by entering a            unique PIN into his/her own handset; the suppliers are no            longer responsible for POS authentication and signature            verification. The responsibility rests on the customer as            he/she keys-in the PIN.        -   Customer identification is now represented by a distinctive            SIM card number/phone number, and is verified real-time by            the Trusted Agent SMS network.            This reduces the authentication risk and limits the            liability of all parties    -   2. Secure environment—The invention enhances the security by        adopting SIM card (or similar software contained in the mobile        phone) as the technology platform. The quality of the SIM card        application ensures strong data confidentiality when secure        messages are transported through the GSM network. Thereby        increasing the security level of payment system. For example:        -   SIM card can store and compute digital signatures, which            ensure authentication, non-repudiation, confidentiality and            reliability of transactions.        -   SIM card is preferably anti-clone, this minimises the chance            of fake cards        -   SIM Card and GSM network hosting the transaction information            passage also improve traceability and confidentiality.    -   3. Trust Key—the invention enhances overall security by        requesting the Customer to use a SIM card that has a Trust Key        as well as a client system embedded. The Trust Key is expected        to provide a security infrastructure for Bank(s) to implement        Private-Public Key encryption and decryption technology. Thus        the financial security of the Customer is independent from the        Carrier(s).    -   4. Greater efficiency—the system of the invention has been        designed to be relatively simple to implement and use. The        system server is not required to carry out detailed        vertification/authentication steps (which are now mainly carried        out within the mobile device (eg mobile phone). Consequently,        the server is less expensive to manufacture and less likely to        default than certain prior art servers. The simplicity of the        system leads to greater reliability and speed of transactions.

Using the invention described herein, consumers, suppliers and banks (orother financial institutions) will enjoy a higher level of security toprotect confidential information, reduce the costs to suppliers andbanks by minimising the risk of charge backs and lower potentialconsumer or supplier frauds.

It will be appreciated by persons skilled in the art that numerousvariations and/or modifications may be made to the invention as shown inthe specific embodiments without departing from the spirit or scope ofthe invention as broadly described. The present embodiments are,therefore, to be considered in all respects as illustrative and notrestrictive.

1. A transaction processing system for processing a transaction betweena supplier and a customer, said system comprising: (a) a supplier devicefor initiating a transaction between the supplier and the customer, saidsupplier device including: (i) supplier device data storage means forstoring supplier identifying indicia; (ii) supplier device datareceiving means for receiving transaction data and customer-suppliedcustomer identifying indicia, said transaction data including themonetary amount of the transaction; (iii) supplier device messagegeneration means for generating a transaction message containing thesupplier identifying indicia, the transaction data and the customeridentifying indicia; and (iv) supplier device telecommunication meansfor sending the transaction message to a system server and for receivingmessages from the system server; (b) the system server which includes:(i) server data storage means for storing supplier information andcustomer information; (ii) server telecommunication means for sendingand receiving messages to and from the supplier device and a mobilecommunication device of the customer; (iii) server verification means:for verifying that the supplier identifying indicia and the customeridentifying indicia in the transaction message match correspondingindicia within the supplier information and the customer information,respectively; and for issuing either a transaction proceed order or atransaction terminate order based on a result of said serververification; (iv) server message generation means for generatingeither: a transaction denied message following receipt of a transactionterminate order; or a transaction request message following receipt of atransaction proceed order, said message containing, the supplieridentifying indicia, the transaction data, the customer identifyingindicia, and a unique transaction identifier which is different for eachtransaction; and for transmitting the transaction denied message or thetransaction request message to the server telecommunication means forthe sending of said message to the mobile communication device; (c) themobile communication device of the customer, comprising (i) mobiledevice telecommunication means for receiving messages from and sendingmessages to the system server; (ii) a message processing program modulecomprising: mobile device data storage means containing a customersecurity criterion; and transaction authorisation means adapted toextract the transaction data and the supplier identifying indiciacontained in the transaction request message, received by the mobilecommunication device, and to generate and display, on a visual displayscreen of the mobile communication device, a message containing thetransaction data, the supplier identifying indicia and a request for thecustomer either to: authorise the transaction, by making a firstpre-determined entry in a keypad of the mobile device, saidpredetermined entry including a secret identification parameter of thecustomer, or decline the transaction, by making a second pre-determinedentry in the keypad; (iii) verification message generation means adaptedto: receive an authorisation order generated by the first pre-determinedentry into the keypad; following receipt of said authorisation order,verify that the identification parameter matches the customer securitycriterion in the mobile device data storage means and, if they do match,generate a verification message, said verification message containingcontents of the transaction request message; and encrypt theverification message to generate a secure verification message. (iv)decline transaction message generation means adapted to: receive adecline order generated by the second pre-determined entry into thekeypad; and generate a decline transaction message, following receipt ofsaid decline order; and (v) message transfer means for transferring thesecure verification message, or the decline transaction message, to themobile device telecommunication means for sending to the system server;(d) a transaction processing server, in secure communication with thesystem server, comprising: (i) means for receiving the secureverification message; (ii) means for decrypting the secure verificationmessage; and (iii) processing means for: identifying a customer accountassociated with the customer identifying indicia; identifying a supplieraccount associated with the supplier identifying indicia; arranging forsaid customer account to be debited by the monetary amount of thetransaction; and arranging for said supplier account to be credited bysaid monetary amount.
 2. A transaction processing system according toclaim 1 wherein the customer identifying indicia is a mobile telephonenumber of said mobile communication device.
 3. A transaction processingsystem according to claim 1 wherein the transaction data furtherincludes one or more of the following; time of the transaction; natureof the goods and/or services being purchased; monetary amount ofparticular goods and/or services of the transaction; and any discount orsurcharge applied by the supplier.
 4. A transaction processing systemaccording to claim 1 wherein the unique transaction identifier of thetransaction request message is assigned by the system server.
 5. Atransaction processing system according to claim 1 wherein the customersecurity criterion is a personal identification number (PIN) of thecustomer.
 6. A transaction processing system according to claim 1wherein the transaction message, the transaction request message and theverification message are mobile data messages.
 7. A transactionprocessing system according to claim 6 wherein the mobile data messagesare selected from SMS messages, GPRS messages and UTMS messages.
 8. Atransaction processing system according to claim 7 wherein the secureverification message, sent from the mobile communication device to thesystem server, comprises a binary data stream.
 9. A transactionprocessing system according to claim 8 wherein the transaction messageand the transaction request message also comprise binary data streams.10. A transaction processing system according to claim 1 wherein: (a)the system server includes digital signature recognition means; an (b)the verification message generation means is further adapted to createand attach to the secure verification message a digital signatureadapted to be recognised by said recognition means.
 11. A transactionprocessing system according to claim 1 wherein the transactionauthorising means of the program module is further adapted to include,in the request within the message generated by said authorising means, afurther option to enable the customer to indicate that the monetaryamount of the transaction is to be varied.
 12. A transaction processingsystem according to claim 11 wherein said option is exercisable by athird predetermined entry being made in the keypad.
 13. A transactionProcessing system according to claim 12 wherein the transactionauthorising means is adapted, upon receipt of the third predeterminedentry being made, to: (a) generate a query message querying the amendedmonetary amount to which the customer wants the monetary amount amended;(b) receive said amended monetary amount input by the customer; and (c)amend the monetary amount of the transaction data to the amendedmonetary amount.
 14. A transaction processing system according to claim13 wherein, if the monetary amount is so amended, in all subsequentmessages which contain the monetary amount, the amended monetary amountwill be substituted for the monetary amount.
 15. A transactionprocessing system according to claim 1 wherein the message processingprogram module is contained in a Subscriber Identity Module (SIM) card.16. A transaction processing system according to any claim 1 wherein:(a) the transaction message sent to the system server includes apredetermined transaction message code; (b) the transaction requestmessage sent to the mobile communication device contains a predeterminedrequest message code; (c) the verification message sent to the systemserver contains a predetermined verification message code; wherein saidcodes are recognisable by the receiving system server or mobile deviceand said receiving system server or mobile device are adapted todiscontinue the transaction if the relevant message does not contain itspredetermined code.
 17. A transaction processing system according toclaim 1 wherein the server data storage means of the system serverfurther includes benefits information concerning the availability ofbenefits offered by system-subscribed suppliers, and the system serverfurther includes: (a) checking means adapted to determine whether theserver data storage means contains any benefits information concerningany benefits which are or may be, available in respect of, or inassociation with, the transaction; and means for generating a benefitnotification message if any relevant benefit is located and fortransmitting this notification message to the server telecommunicationmeans for sending to the supplier device, said notification messagecontaining details of the located benefit and a request for the supplierto verify or deny availability of the benefit.
 18. A transactionprocessing system according to claim 17 wherein the supplier devicefurther includes benefit processing means adapted to: (a) receive anddisplay the benefit notification message; (b) receive a verificationinput or a denial input from the supplier; and (c) upon receipt of averification input, revise the monetary amount to a revised monetaryamount to accommodate any discount associated. with said benefit and tosend to the system server a benefit confirmation message containing therevised monetary amount; or (d) upon receipt of a denial input, send abenefit denial message to the system server.
 19. A transactionprocessing system according to claim 18 wherein, if the monetary amountis so revised, in all subsequent messages when contain the monetaryamount, the revised monetary amount will be substituted for the monetaryamount.
 20. A transaction processing system according to claim 1 whereinthe server data storage means further includes a transaction databaseadapted to capture desired details of each transaction.
 21. Atransaction processing system according to claim 20 wherein the desiredtransaction details include one or more of the following: (a) thetransaction data; (b) desired additional transaction data including someor all of, date of transaction, amount of any discount provided; and thegoods or services covered by the transaction; and (c) customeridentifying indicia, and supplier identifying indicia.
 22. A transactionprocessing system according to claim 21 wherein the transactionprocessing server is in secure communication with a financialinstitution server, said financial institution server being adapted totransfer funds, corresponding to the monetary amount, to the supplieraccount and to record a corresponding debit in the customer account. 23.A transaction processing system according to claim 22, wherein thetransaction processing server communicates with the financialinstitution server via a payment gateway.
 24. A transaction processingsystem according to claim 1 wherein the transaction processing serverfurther includes account record means for keeping a record of thesupplier account, the customer account and all debits and creditsassociated with these accounts.
 25. A transaction processing systemaccording to claim 1 wherein: (a) the transaction processing server isadapted to send, upon completion of the transaction, a transactioncomplete message to the system server; and (b) the system server isadapted to send said transaction complete message to either or both ofthe supplier device and the mobile communication device.
 26. A messageprocessing program module according to claim 25 wherein said programmodule is contained in a SIM card.
 27. A method of processing atransaction between a supplier and a customer, using a transactionprocessing system, said method comprising: (a) within the supplierdevice: (i) receiving transaction data and customer-supplied customeridentifying indicia; (ii) generating a transaction message containingthe supplier identifying indicia (obtained from data storage meanswithin the supplier device), the transaction data and the customeridentifying indicia; (iii) transmitting the transaction message to thesupplier device telecommunications means; and (iv) sending thetransaction message to the system server; (b) within the system server:(i) receiving the transaction message; (ii) verifying that the supplieridentifying indicia and the customer identifying indicia in thetransaction message match corresponding indicia within the supplierinformation and customer information (stored in data storage meanswithin the server); (iii) issuing either a transaction proceed order ora transaction terminate order based on result of said verification; (iv)transmitting the transaction proceed order or the transaction terminateorder to the server message generation means; (v) generating, within theserver message generation means, either: a transaction denied messagefollowing receipt of a transaction terminate order; or a transactionrequest message following receipt of a transaction proceed order, saidmessage containing, the supplier identifying indicia, the transactiondata, the customer identifying indicia, and a unique transactionidentifier which is different for each transaction; (vi) transmittingthe transaction denied message or the transaction request message to theserver telecommunications means; (vii) sending the transaction deniedmessage to the supplier device or sending the transaction requestmessage to mobile device telecommunication means of the customer; (c)within the mobile communication device: (i) receiving, within thetelecommunication means of the mobile device, the transaction requestmessage; (ii) transmitting the transaction request message to receivingmeans within a message processing program module; (iii) said module:extracting transaction data and supplier data from the transactionrequest message; generating and displaying, on a visual display screenof the mobile communication device, a message containing the transactiondata, the supplier identifying indicia and a request for the customereither to: authorise the transaction, by making a first predeterminedentry in a keypad of the mobile device, said predetermined entryincluding a secret identification parameter of the customer, or declinethe transaction, by making a second predetermined entry in the keypad;receiving an authorisation order generated by the first pre-determinedentry into the keypad; following receipt of said authorisation order,verifying that the identification parameter matches the customersecurity criterion in the mobile device data storage means and, if theydo match, generating a verification message, said verification messagecontaining the contents of the transaction request message; encryptingthe verification message to generate a secure verification message;transferring the secure verification message to the mobile devicetelecommunication means; (iv) sending the secure verification message tothe system server.
 28. A method according to claim 27 wherein the uniquetransaction identifier of the transaction request message is assigned bythe system server.
 29. A method according to claim 27 including thefurther step of forwarding the secure verification message from thesystem server onto the transaction processing server.
 30. A methodaccording to claim 29 further including the transaction processingserver decrypting the secure message verification.
 31. A methodaccording to claim 30 wherein, following decryption, the transactionprocessing server: (a) identifies a customer account associated with thecustomer identifying indicia and a supplier account associated with thesupplier identifying indicia; and (b) arranges for said customer accountto be debited by the monetary amount of the transaction and for saidsupplier account to be credited by the monetary amount.
 32. A methodaccording to claim 27 wherein the transaction message, the transactionrequest message and the verification message are mobile data messages.33. A method according to claim 32 wherein the mobile data messages areselected from SMS messages, GPRS messages and UTMS messages.